History log of /openssl/doc/man3/OSSL_CMP_validate_msg.pod (Results 1 – 13 of 13)
Revision (<<< Hide revision tags) (Show revision tags >>>) Date Author Comments
# 7ed6de99 05-Sep-2024 Tomas Mraz

Copyright year updates


Reviewed-by: Neil Horman <nhorman@openssl.org>
Release: yes


# 40948c4c 11-Mar-2024 Dr. David von Oheimb

OSSL_CMP_{validate_msg,CTX_new}.pod: add warning notes on OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openss

OSSL_CMP_{validate_msg,CTX_new}.pod: add warning notes on OSSL_CMP_OPT_PERMIT_TA_IN_EXTRACERTS_FOR_IR

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/23814)

show more ...


# 556009c5 28-Sep-2023 Matt Caswell

Copyright year updates


Reviewed-by: Richard Levitte <levitte@openssl.org>
Release: yes


Revision tags: openssl-3.0.0-alpha17
# 080bd08f 06-May-2021 Dr. David von Oheimb

cmp_vfy.c: Use verification callback if cert_acceptable() finds expired cert

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https

cmp_vfy.c: Use verification callback if cert_acceptable() finds expired cert

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21656)

show more ...


# fc933357 22-Nov-2022 Dr. David von Oheimb

OSSL_CMP_validate_msg(): make sure to reject protection type mismatch

Do not accept password-based if expected signature-based and no secret is available and
do not accept signature-base

OSSL_CMP_validate_msg(): make sure to reject protection type mismatch

Do not accept password-based if expected signature-based and no secret is available and
do not accept signature-based if expected password-based and no trust anchors available.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/19729)

show more ...


# 6be83cc6 15-Dec-2021 Dr. David von Oheimb

OSSL_CMP_CTX: rename get/set function for trustedStore

This makes the naming more consistent, in a backward-compatible way

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged fr

OSSL_CMP_CTX: rename get/set function for trustedStore

This makes the naming more consistent, in a backward-compatible way

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17277)

show more ...


Revision tags: openssl-3.0.0-alpha16, openssl-3.0.0-alpha15, openssl-3.0.0-alpha14, OpenSSL_1_1_1k, openssl-3.0.0-alpha13, openssl-3.0.0-alpha12, OpenSSL_1_1_1j, openssl-3.0.0-alpha11
# 4333b89f 28-Jan-2021 Richard Levitte

Update copyright year

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13999)


# f5f4fbaa 12-Jan-2021 Richard Levitte

Make the OSSL_CMP manual conform with man-pages(7)

Details from man-pages(7) that are used:

Formatting conventions for manual pages describing functions

...

Make the OSSL_CMP manual conform with man-pages(7)

Details from man-pages(7) that are used:

Formatting conventions for manual pages describing functions

...
Variable names should, like argument names, be specified in italics.
...

Formatting conventions (general)

...
Special macros, which are usually in uppercase, are in bold.
Exception: don't boldface NULL.
...

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13846)

show more ...


Revision tags: openssl-3.0.0-alpha10, OpenSSL_1_1_1i, openssl-3.0.0-alpha9, openssl-3.0.0-alpha8, openssl-3.0.0-alpha7, OpenSSL_1_1_1h
# 0b86eefd 28-Aug-2020 Dr. David von Oheimb

OSSL_CMP_CTX: rename field and its getter/setter from 'untrusted_certs' to 'untrusted

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12

OSSL_CMP_CTX: rename field and its getter/setter from 'untrusted_certs' to 'untrusted

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12788)

show more ...


Revision tags: openssl-3.0.0-alpha6, openssl-3.0.0-alpha5
# 299e0f1e 13-Jul-2020 Dr. David von Oheimb

Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Fixes #12395

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/

Streamline the CMP request session API, adding the generalized OSSL_CMP_exec_certreq()

Fixes #12395

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12431)

show more ...


Revision tags: openssl-3.0.0-alpha4, openssl-3.0.0-alpha3
# c4a9e3eb 29-May-2020 Dr. David von Oheimb

Move part of OSSL_CMP_validate_msg() to ossl_cmp_msg_check_update()

as checking expected_sender and adding caPubs is not part of msg validation.
Also constify a couple of internal and pu

Move part of OSSL_CMP_validate_msg() to ossl_cmp_msg_check_update()

as checking expected_sender and adding caPubs is not part of msg validation.
Also constify a couple of internal and public functions related to cmp_vfy.c

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11998)

show more ...


Revision tags: openssl-3.0.0-alpha2, openssl-3.0.0-alpha1
# 33388b44 23-Apr-2020 Matt Caswell

Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11616)


Revision tags: OpenSSL_1_1_1g, OpenSSL_1_1_1f, OpenSSL_1_1_1e
# 31b28ad9 15-Feb-2020 Dr. David von Oheimb

chunk 7 of CMP contribution to OpenSSL

add CMP message validation and related tests; while doing so:
* add ERR_add_error_mem_bio() to crypto/err/err_prn.c
* move ossl_cmp_add_error_t

chunk 7 of CMP contribution to OpenSSL

add CMP message validation and related tests; while doing so:
* add ERR_add_error_mem_bio() to crypto/err/err_prn.c
* move ossl_cmp_add_error_txt() as ERR_add_error_txt() to crypto/err/err_prn.c
* add X509_STORE_CTX_print_verify_cb() to crypto/x509/t_x509.c,
adding internally x509_print_ex_brief(), print_certs(), and print_store_certs()
* move {ossl_cmp_,}X509_STORE_get1_certs() to crypto/x509/x509_lu.c

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/10620)

show more ...